On Fri, 27 Oct 2017 06:01, dan.ho...@redbone.co.nz said:

> gpg2 --verify-sign <key-id> <filename>

Verification against a set of known keys is done using gpgv

  gpgv FILE

which uses ~/.gnupg/trustedkeys.gpg.  To specify another file with keys
you use

  gpgv --keyring KEYRING FILE

Here is how we do this when building GnuPG using the Speedo scripts:

  if ! $GPGV --keyring "$distsigkey" swdb.lst.sig swdb.lst; then
    echo "list of software versions is not valid!" >&2
    exit 1
  fi

This is from gnupg/build-aux/getswdb.sh.  To create the file with the
keys you can do this:

  gpg --export --export-options export-minimal FPR1 FPR2 FPR2 >trustedkeys.gpg

Do _not_ use --armor.  --export-options is not really required but
strips down the size of the key.


@Rob: Shouldn't we mention gpgv in the FAQ?


Shalom-Salam,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.
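
Added example, not part of the original mail and not GnuPG project code: a wrapper around the gpgv call described above that goes one step further and pins which key in the keyring must have made the signature, by reading gpgv's --status-fd output. The function names are hypothetical and gpgv is assumed to be on PATH.

```shell
#!/bin/sh
# Added example, not from the original mail. Assumes gpgv is on PATH;
# the function names are hypothetical.

# gpgv resolves a --keyring name that contains no slash inside the GnuPG
# home directory, so make a bare file name explicitly relative.
keyring_path() {
  case "$1" in
    */*) printf '%s\n' "$1" ;;
    *)   printf './%s\n' "$1" ;;
  esac
}

# Read gpgv --status-fd lines on stdin. Succeed only if a VALIDSIG line
# names a signing-key or primary-key fingerprint given as an argument.
status_has_valid_sig() {
  [ $# -gt 0 ] || return 1
  allowed=" $* "
  ok=1
  while read -r tag kw fpr rest; do
    [ "$tag" = "[GNUPG:]" ] && [ "$kw" = "VALIDSIG" ] || continue
    [ -n "$fpr" ] || continue
    primary=${rest##* }          # last field: primary key fingerprint
    [ -n "$primary" ] || primary=$fpr
    case "$allowed" in
      *" $fpr "*|*" $primary "*) ok=0 ;;
    esac
  done
  return "$ok"
}

# verify_detached KEYRING SIGFILE DATAFILE FPR...
verify_detached() {
  kr=$(keyring_path "$1"); sig=$2; data=$3
  shift 3
  # gpgv must exit 0 (all signatures good) before the status is inspected.
  status=$(gpgv --status-fd 1 --keyring "$kr" "$sig" "$data" 2>/dev/null) || return 1
  printf '%s\n' "$status" | status_has_valid_sig "$@"
}
```

Fingerprints are passed as full uppercase hex strings without spaces, which is how they appear in the status output.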


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users